<?php
/* 
	This file is Copyright Matthew Wilkinson 2009.
	
	This file is part of Oxygen.

	Oxygen is free software: you can redistribute it and/or modify
	it under the terms of the GNU General Public License version 3 as published by
	the Free Software Foundation at http://www.gnu.org/licenses/gpl-3.0.html

	Oxygen is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
	GNU General Public License for more details.

*/

Final Class Forum
	{
	
	private static $sessid = null;
	private static $session = Array();

	private static $currentuser = null;
	
	public static function session_id()
		{
		self::_construct();
		return self::$sessid;
		}
	
	public static function CurrentUser()
		{
		self::_construct();
		return self::$currentuser;
		}
	
	
		
	private static function _construct()
		/* Now that all inputs are sanitised properly, we need to check for required constants, and use their defaults if not set */
		
		if(!defined('_OXYGEN_LANGS_DIR')) { define('_OXYGEN_LANGS_DIR', './langs'); }
		if(!defined('_OXYGEN_ADMIN_DIR')) { define('_OXYGEN_ADMIN_DIR', './admin'); }

		if(!defined('_LANG_DEFAULT')) { define('_LANG_DEFAULT', 'en'); }

		if(!defined('_DB_DRIVER')) { define('_DB_DRIVER', 'O_MySQL'); }
		if(!defined('_DB_CONNECT')) { define('_DB_CONNECT', ''); }
		
		
		/* Now we need to initialise the user's session data, setting CurrentUser and so on... */
		
		if (isset(Input::$COOKIE['OXYGEN_SESSION']) OR isset(Input::$GET['OXS']))
			{
			$sessid = (isset(Input::$COOKIE['OXYGEN_SESSION'])?self::$COOKIE['OXYGEN_SESSION']:?Input::$GET['OXS']);
			$session = Database::query('SELECT * FROM sessions WHERE sessid="{string}"', $sessid);
			$session = json_decode($session[0]['session']);
			
			$sesstoken = sha1(Input::$SERVER['REMOTE_ADDR'] . Input::$SERVER['HTTPS'] . Input::$SERVER['HTTP_USER_AGENT']);
			if ($sesstoken !== $session['token'])
				{
				header('HTTP/1.1 403 Forbidden', TRUE, 403);
				die();
				}
			else
				{
				self::$sessid = $sessid;
				self::$session = $session;
				if (self::$session['loggedin'] == TRUE)
					{
					self::$currentuser = new User(self::$session['userid']);
					}
				}
			}
		/*else
			{
			$sessid = sha1(mt_rand());*/
			
			
		
		
		/* Load components so that they can register with Events */
		$components = Database::query('SELECT * FROM components WHERE state=1');
		foreach ($components as $component)
			{
			$component['short_name'] = Security::Directory($components['short_name']);
			self::$components[$component['short_name']] = new $component['short_name']();
			}
		
		
				
		
		}
	}

?>	